Houston Cybersecurity Conference

January 24, 2019

CHECK-IN AND OPENING INTRODUCTIONS

Data Connectors is proud to host the Cybersecurity Strategies Conference.

Session One

8:45 am - 9:15 am

Patrick Hayes

Managing Director, Security Operations & MSS

Security Incidents are different than IT Incidents

Organizations are challenged with ensuring that their customers and staff have access to the systems and services needed to conduct business. Often times what could be perceived as a simple disruption to service can become a serious and damaging security breach. If treated and remediated without the due care of a security incident, you may lack the important steps necessary in addressing the serious nature of the event. With data breaches at an all-time high, ensuring that organizations are properly addressing security incidents is paramount in protecting corporate and customer information, as well as maintaining the availability of services. This presentation will address how to recognize a security incident from and IT incident, evaluate the associated risks, and determine the most effective approach before, during and after an attack.

Speaker’s Bio:

As Managing Director, Security Operations and Managed Security Services, Patrick is responsible for Online’s Security Operations Center (SOC) and our Managed Security Services team. Patrick is a transformational leader, innovator, and certified enterprise security architect. For the last 25 years, Patrick has focused on developing value-based services to enable customer innovation and growth. Prior to Online Business Systems, Patrick served as Senior Vice President for Hitachi Systems, responsible for Security Services in North America and Vice President, of Seccuris, as well as holding senior roles with Allstream and IBM.

Session Two

9:15 am - 9:45 am

Al Sterling

Solutions Engineer

The Bots are Coming!

Actually, they are here. They now represent over 50 percent of internet traffic. But not all bots are bad. There are many good bots, such as chat bots and search engine bots, that we rely on in our day-to-day digital lives. You do need to know the difference and take control of your bot traffic—they cannot be ignored and you cannot just block them all. In this presentation, we will look at the growth of bots, good bots versus bad bots, what to look for in a bot mitigation solution and a few use cases.

Speaker’s Bio:

Al Sterling has been in the network and application performance space for 20 years, with the last few years specializing in the DNS and Security space. His customer service experience includes working with over 3,000 Oracle Dyn customers – the top banks, social media companies, and ecommerce sites.

Break

9:45 am - 10:15 am

Break / Vendor Booth Time

Session Three

10:15 am - 10:45 am

Jason Snook - Quorum

IT Director

Hurricanes’, Banditos, & Steam Baths

Speaker’s Bio:

Jason lives, works, and plays in Eugene Oregon. He’s been working in IT as a system engineer, network engineer, and finally IT director for over 15 years. He’s worked on the customer side engineering solutions working with vendors and dealing with the buying end of technology prior to working with Quorum. Jason’s been at Quorum for just over 2 years as a Systems Engineer and brings that customer perspective to the world of technology sales.

Session Four

In this talk, we’ll discuss how new approaches and technology advances allow Security Operations teams of all sizes to finally have the capacity of Fortune 100 Companies. Your small team can analyze billions of incoming security events daily using state-of-the-art techniques such as AI, ML, Expert Systems, and probabilistic math. We’ll also discuss the pros and cons of each of these approaches.

Speaker’s Bio:

Raj is currently part of the Respond team focused on helping organizations with automation of Security Operations. Prior to Respond, Raj held Field, Product management and Development roles at Fortify Software, WorkSoft, Rational Software, and Pure Software focusing on SDLC and security.

Lunch

11:15 am - 11:45 am

Break / Vendor Booth Time / Lunch

Session Five

11:45 am - 12:15 pm

Ted Gruenloh

Chief Operating Officer

7 Security Mindsets to Adopt Today

It can be easy to get caught up in thinking if you just had that new shiny device, your network security burden would be lighter. The reality is that no one device can solve your problem, and these days it takes a completely new perspective to tackle security in the real world. In this presentation, we’ll discuss 7 security mindsets – some new, some old – and how they can help you make smarter, more practical decisions about protecting your network.

Break

12:15 pm - 12:30 pm

Break / Vendor Booth Time

Session Six

12:30 pm - 1:00 pm

Chris Gerritz

Co-Founder and Chief Product Officer

IR Readiness: Critical Capabilities To Find and Respond to Attackers in your Network

According to recent reports, nearly 1/3rd of all US Businesses experienced a cybersecurity related breach last year. With hackers increasingly targeting US businesses and insiders mishandling or misusing their privileges and access, its’ imperative that all organizations have incident response (IR) capabilities at the ready. We aren’t talking about a written plan but real capabilities that include visibility, centralized logging, root cause analysis, and assessment. While we can agree IR capabilities are important, most businesses do not and may never have on-staff responders or organized security operations – if you are one of these, this talk is for you.

In this talk, we will review some critical capabilities to arm your business with that can be leveraged by IT administrators and limited security staffs either through appropriate tooling, technologies, or 3rd party services.

Speaker’s Bio:

Infocyte is the result of Chris’ experience hunting adversaries within some of the largest and most targeted defense networks in the world. His experience building the U.S. Military’s first malware hunting team provides him with an unmatched level of operational expertise and equips him with a highly refined perspective on how to tackle today’s security threats. From a decade of military service, Chris draws on both leadership and deep technical experience serving in various roles such as cryptographic systems maintainer, cyber warfare officer and Air Force pilot.

Prior to co-founding Infocyte, Chris served as the U.S. Air Force Computer Emergency Response Team’s (AFCERT) first Chief of DCC Operations. In this role, he led a team of 28 operators tasked with finding, tracking, and neutralizing state-sponsored threats on the Air Force’s $2B, 800k node enterprise network. He personally conducted and/or oversaw 350+ adversarial hunt, rapid response and threat engagement missions on networks throughout the world.

Session Seven

1:00 pm - 1:30 pm

Erich Kron

Security Awareness Advocate

The Human Deception Problem: Understanding and Defending Against Social Engineering Attacks

The most successful method of cyber-attacks continues to be phishing. These attacks cost organizations millions of dollars each year and things are just getting worse. As these attacks intensify and become more refined, technology is failing to keep up and your users will continue to fall prey. To effectively defend yourself against this, you have to understand how the attacks work, including the psychological triggers and tricks the attackers are using. This session will explore the different levers that social engineers and scam artists pull to make your users more likely to do their bidding.

Join Erich Kron CISSP, Security Awareness Advocate at KnowBe4, as he provides fun and engaging examples of mental manipulation in everyday life: from the tactics used by common criminals, to sophisticated social engineering and online scams. Additionally, he’ll look at how you can ethically use the very same levers when educating your users.

Key Takeaways

· The Perception vs. Reality Dilemma

· Understanding the OODA (Observe, Orient, Decide, Act) Loop

· How social engineers and scam artists achieve their goals by subverting critical thinking steps

· How you can defend your organization and create your human firewall

Speaker’s Bio:

Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army’s 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in Information Security.

Break

1:30 pm - 1:45 pm

Break / Vendor Booth Time

Keynote Session

1:45 pm - 2:30 pm

James Morrison

Computer Scientist, FBI Houston Division

James Morrison is a Computer Scientist with the Federal Bureau of Investigation assigned to the Houston Division. He serves as a local technical expert to the Special Agents and Task Force Officers assigned to the Houston Area Cyber Crimes Task Force. He assists in computer intrusion investigations and reverse engineers software to determine source and purpose of the malignant code. He has worked in the IT field for more than 28 years, including 19 years with the FBI.

Prior to working with the FBI, Morrison was an engineer with Lockheed Martin at Kirtland AFB, NM and a UNIX/database administrator with the US Air Force at Falcon AFB (now Shriver AFB), CO and Clark AB, Republic of the Philippines. Morrison holds a BS in Computer Engineering degree from Colorado Tech University, a MA in US History from the University of New Mexico, and a MBA from the University of Phoenix as well as other professional certifications.

Break

2:30 pm - 2:45 pm

Break / Vendor Booth Time

Session Nine

2:45 pm - 3:15 pm

Ron Kent

Compromised User and Host Detection Using Behavioral Analytics

Studies show that over 80% of advanced attacks are attributed to external actors. Once these cyber criminals capture credentials that provide access to corporate networks, they are virtually undetectable by traditional defenses. During this session, we will discuss a variety of attacks utilizing compromised credentials and the benefits of utilizing behavioral analytics, machine learning and network data to identify and stop these attacks.

Speaker’s Bio:

Ron Kent is a national technical specialist for the Aruba IntroSpect solution, and is based in Dallas, Texas. Ron is a 28 year veteran of the IT industry, and has worked at companies such as RSA, Sybase, Business Objects, and Mattel. Before his time at HP Aruba, he spent almost a decade at RSA helping customers hunt down the forces of evil with SIEM and full packet capture solutions. When he isn’t tracking down the bad guys in the digital world, Ron enjoys spending time with his wife and family, and also riding motorcycles in the Texas Hill Country.

Session Ten

3:15 pm - 3:45 pm

Amir Sternhell

Chief Strategy Officer

Data is the New Perimeter

Data is essentially inert and passive, lacking an inherent ability to either control its own fate or mitigate risks while under process, as well as at rest and in transit. Data loss and theft is a result of the problem.

The safety of the data is wholly dependent on human behavior and infrastructure. In reality, the enterprise protects data indirectly through a static perimeter. Endpoints are managed, and trust assumed. This approach is not data-centric and has reached obsolescence.

This workshop will survey the domain of the state actors and ensuing vulnerabilities to our infrastructure and corporations. It will highlight a paradigm that imbues data with self-governance, provenance and protection capabilities, to make it the new perimeter and a source to rethink deployments, workflows, and responsibilities. Use Cases will also be discussed.

Speaker’s Bio:

Amir provides strategic direction and execution capacities to set Data: Empowered as a new global standard in the data protection space. He has twenty-five years of experience in the IT and Corporate Learning industries, including two-decades at the largest IT company in Latin America, where he was Head of a Business Intelligence Unit representing Microstrategy, and, a Chief Learning Officer, representing Harvard Business Publishing.

Amir was the founder of the first Non-Profit Organization that assisted Israel’s Incubator System, in which he hand-held over 100 high-tech companies. He was the Vice Chairman of the American-Israel Chamber of Commerce and Industry, overseeing its initiatives, and a Recipient of its Business Leadership Award.

Amir Served in the Directorate of Military Intelligence for the Israel Defense Forces, and was awarded the Most Outstanding Soldier of the Corp. in 1981. He holds an AB in Political Science and Psychology from Tel Aviv University ’86; an MIA in International Economics from Columbia University ’90; and, an MBA from the ‘Grand Ecole’ EDHEC ’92 specializing in IT and Management where he graduated first in his class.